# Contributor: Eivind Uggedal <eu@eju.no>
# Contributor: Jake Buchholz Göktürk <tomalok@gmail.com>
# Maintainer: Jake Buchholz Göktürk <tomalok@gmail.com>
pkgname=docker
pkgver=26.1.2
_cli_commit=211e74b2407f24fd305907c8f90430a9f465df66    # https://github.com/docker/cli/commits/v$pkgver
_moby_commit=ef1912d8b6aec9fbc049002188be1fc0792f76d5   # https://github.com/moby/moby/commits/v$pkgver
pkgrel=1
pkgdesc="Pack, ship and run any application as a lightweight container"
url="https://www.docker.io/"
arch="all"
license="Apache-2.0"
_engine_deps="ca-certificates containerd iptables tini-static"
makedepends="go btrfs-progs-dev bash linux-headers coreutils lvm2-dev libtool libseccomp-dev
	$_engine_deps"
options="net chmod-clean"
install="$pkgname-engine.pre-install"

# secfixes:
#   26.0.2-r0:
#     - CVE-2024-32473
#   26.0.0-r0:
#     - CVE-2024-29018
#   25.0.2-r0:
#     - CVE-2024-23651
#     - CVE-2024-23652
#     - CVE-2024-23653
#     - CVE-2024-23650
#     - CVE-2024-24557
#   23.0.3-r0:
#     - CVE-2023-28840
#     - CVE-2023-28841
#     - CVE-2023-28842
#   23.0.2-r0:
#     - CVE-2023-26054
#   20.10.20-r0:
#     - CVE-2022-39253
#   20.10.18-r0:
#     - CVE-2022-36109
#   20.10.16-r0:
#     - CVE-2022-29526
#   20.10.14-r0:
#     - CVE-2022-24769
#   20.10.11-r0:
#     - CVE-2021-41190
#   20.10.9-r0:
#     - CVE-2021-41089
#     - CVE-2021-41091
#     - CVE-2021-41092
#   20.10.3-r0:
#     - CVE-2021-21285
#     - CVE-2021-21284
#   19.03.14-r0:
#     - CVE-2020-15257
#   19.03.11-r0:
#     - CVE-2020-13401
#   19.03.1-r0:
#     - CVE-2019-14271
#   18.09.8-r0:
#     - CVE-2019-13509
#   18.09.7-r0:
#     - CVE-2018-15664

subpackages="
	$pkgname-engine:engine
	$pkgname-openrc:engine_openrc:noarch
	$pkgname-cli:cli
	$pkgname-doc:cli_doc:noarch
	$pkgname-bash-completion
	$pkgname-fish-completion
	$pkgname-zsh-completion
	$pkgname-rootless-extras:rootless
	"

source="
	cli-$pkgver.tar.gz::https://github.com/docker/cli/archive/v$pkgver.tar.gz
	moby-$pkgver.tar.gz::https://github.com/moby/moby/archive/v$pkgver.tar.gz
	docker.initd
	docker.confd
	docker-rootless-extras.conf
	"

builddir="$srcdir"
_cli_builddir="$srcdir/cli-$pkgver"
_moby_builddir="$srcdir/moby-$pkgver"

_buildtags="seccomp"

export GO111MODULE=off # go1.16 defaults to on
export GOCACHE="${GOCACHE:-"$srcdir/go-cache"}"
export GOTMPDIR="${GOTMPDIR:-"$srcdir"}"
export GOMODCACHE="${GOMODCACHE:-"$srcdir/go"}"
export CGO_ENABLED=1 # go1.22 needs this

build() {
	export AUTO_GOPATH=1
	export GITCOMMIT=$_cli_commit		# for cli
	export DOCKER_GITCOMMIT=$_moby_commit	# for moby
	export DOCKER_BUILDTAGS=$_buildtags
	export DISABLE_WARN_OUTSIDE_CONTAINER=1
	unset CC # prevent possible ccache issues

	case "$CARCH" in
		armv7) export GOARM=7;;
	esac

	# engine (moby)
	msg "building engine"
	cd "$_moby_builddir"
	mkdir -p src/github.com/docker/
	ln -sf "$_moby_builddir" src/github.com/docker/docker
	GOPATH="$PWD" VERSION="$pkgver" hack/make.sh dynbinary

	# Required for building man-pages
	export GOPATH="$_cli_builddir"
	export GOBIN="$GOPATH/bin"
	export PATH="$GOBIN:$PATH"

	# cli
	msg "building cli"
	cd "$_cli_builddir"
	mkdir -p "$GOPATH"/src/github.com/docker/
	ln -sf "$_cli_builddir" "$GOPATH"/src/github.com/docker/cli
	LDFLAGS="" make VERSION="$pkgver" dynbinary

	# docker man
	msg "building docker man pages"
	make manpages
}

package() {
	# docker itself is a meta package
	# note that cli-buildx is circular to have with this toplevel
	depends="docker-engine=$pkgver-r$pkgrel docker-cli=$pkgver-r$pkgrel docker-cli-buildx"

	install -Dm644 "$_cli_builddir"/contrib/completion/fish/$pkgname.fish \
		"$pkgdir"/usr/share/fish/vendor_completions.d/$pkgname.fish

	install -Dm644 "$_cli_builddir"/contrib/completion/zsh/_$pkgname \
		"$pkgdir"/usr/share/zsh/site-functions/_$pkgname

	install -Dm644 "$_cli_builddir"/contrib/completion/bash/$pkgname \
		"$pkgdir"/usr/share/bash-completion/completions/$pkgname

	install -Dm644 "$_cli_builddir"/man/man1/* \
		-t "$pkgdir"/usr/share/man/man1/

	# 'build/docker' is a symlink to 'docker-linux-$arch' e.g. 'docker-linux-amd64'
	install -Dm755 "$_cli_builddir"/build/docker \
		"$pkgdir"/usr/bin/docker

	install -Dm755 -t "$pkgdir"/usr/bin \
		"$_moby_builddir"/bundles/dynbinary-daemon/dockerd \
		"$_moby_builddir"/bundles/dynbinary-daemon/docker-proxy

	# symlink externally provided tini-static binary
	ln -sf /sbin/tini-static "$pkgdir"/usr/bin/docker-init

	install -Dm755 "$srcdir"/docker.initd "$pkgdir"/etc/init.d/docker
	install -Dm644 "$srcdir"/docker.confd "$pkgdir"/etc/conf.d/docker
}

engine() {
	pkgdesc="Docker Engine (dockerd)"
	depends="$_engine_deps"

	amove \
		usr/bin/dockerd \
		usr/bin/docker-init \
		usr/bin/docker-proxy
}

engine_openrc() {
	default_openrc
	depends="log_proxy"
	install_if="openrc $pkgname-engine=$pkgver-r$pkgrel"
}

cli() {
	pkgdesc="Docker CLI"
	depends="ca-certificates"

	amove usr/bin/docker
}

cli_doc() {
	default_doc
	pkgdesc="Documentation for Docker"
	install_if="docs $pkgname-cli=$pkgver-r$pkgrel"
}

rootless() {
	pkgdesc="Extras to run docker as in rootless mode"
	url="https://docs.docker.com/engine/security/rootless/"
	arch="noarch"
	depends="$pkgname rootlesskit slirp4netns fuse-overlayfs"

	install -Dm755 "$srcdir/moby-$pkgver/contrib/dockerd-rootless.sh" "$subpkgdir/usr/bin/dockerd-rootless"
	install -Dm644 "$srcdir/docker-rootless-extras.conf" "$subpkgdir/etc/modules-load.d/docker-rootless-extras.conf"
}

sha512sums="
77189faeb7d07e7e75471f5483000b864337d2e82c36ae64f3b7e85a948bbbfd7ea004eac223256bd5f3cd8b2d12d31013e7a64c7b802b6598871374bfacdf02  cli-26.1.2.tar.gz
3222c396d474dd4a400849e32757967aeac485d9da87fc7869211638d3c262df29b98967317821108067d6ddd8aa984184d0a09c52ab384fc1a7840f9387ad15  moby-26.1.2.tar.gz
dd499b92058fc4d7d19e0c9030b1f390f58ac40be423442732cb7d02067ed2e43c464511772a21d4f347ec34f037ddd00cc1243dc41c8ce85151ac6142611d61  docker.initd
43432a05e5776910d45364aee9070932aa89f70eb9e69d3b7ed8e17d9a70eaed4c8c29b3524888214c7ddba592399e781a72255f7eb8fafd80c9f532a9481fac  docker.confd
45499bbd9d607cb782b014a2d5697d7279f327ac630accf249a13785d91e15fb0ba1ae2edc10b6b42fcf40b7ce23ef160a40d8cda17b3084d68fe8c54a84b8f4  docker-rootless-extras.conf
"
